Legal

Privacy Policy

We built Gevitys to help you explore Bali with confidence. This policy explains what data we collect, why we collect it, and the choices you have.

Last updated: July 16, 2026

1. Information we collect

  • Account data โ€” name, email, phone, avatar and password (hashed).
  • Booking data โ€” reservations, guest counts, dates, special requests and preferences.
  • Payment data โ€” processed by our PCI-compliant payment partners; we never store full card numbers.
  • AI interactions โ€” the questions you ask Gevitys AI, so we can improve responses and save chats you choose to keep.
  • Device & usage data โ€” device type, language, and interactions with the app to improve performance.

2. How we use your data

  • To create bookings, process payments, and communicate with hosts on your behalf.
  • To personalise recommendations from our AI assistant.
  • To send transactional messages (confirmations, receipts, updates).
  • To keep the platform safe from fraud and abuse.
  • To comply with legal obligations in Indonesia and your country of residence.

3. Sharing with businesses

When you book a villa, service or event, we share the minimum information the host needs to serve you โ€” typically your name, contact details and booking specifics. Hosts are contractually bound to protect your data.

4. AI usage

Questions asked to Gevitys AI may be processed by third-party model providers under strict data-processing agreements. We do not use your personal data to train public foundation models. You can delete any saved AI chat from your profile at any time.

5. Your rights

  • Access, correct or delete your personal data.
  • Export your data in a portable format.
  • Withdraw consent for marketing at any time.
  • Lodge a complaint with your local data-protection authority.

6. Data retention

We keep booking records for up to 7 years to comply with tax and consumer-protection law. Account data is deleted within 30 days of your request, unless we're required to retain it.

7. Security

All traffic is encrypted with TLS. Sensitive fields are encrypted at rest. Access is role-based and audited.

8. Contact

Questions about your privacy? Email PTlongevitygroup@gmail.com.